Computers, Radio and more

Tag: Computing

  • On the extensibility of programming languages

    In the early days of PC compatible computers, MS-DOS came with GW-BASIC, a BASIC interpreter with many built-in commands for graphics, event handling and file access. .We had commands like:

    1000 ON KEY(1) GOSUB 100: REM call a subroutine when F1 key is pressed
1010 LINE (100,200)-(300,400): REM DRAW a line on the screen
1020 OPEN "myfile.txt" FOR INPUT AS #1 : REM speaks for itself
1030 PRINT USING "####.##";A : REM print number with specific formatting
1040 PRINT #1,"The numbers are:";A,B: REM print to a file, different parameter separators.

    Each of these command had its own special syntax. Apart from ON KEY we also had ON PEN to specify an action for the light pen, a truly forgotten device, that nevertheless got its own keyword in the syntax. The parentheses around the end points in the LINE command were part of the syntax and the “-” did not mean subtraction, but it was there suggest from..to. The PRINT command had an optional USING part, but also an optional ‘#’ part to specify a file and different separators between parameters: “;” to specify that the next parameter had to be printed immediately after the previous one and “,’ to specify that it had to be printed at the next “tab stop”.

    At the same time, GW-BASIC did not allow you to create new procedures, only the humble GOSUB, which is in some respects below the level of assembly language. QBASIC did add named subroutines, but calls to them did not look anything like the built-in commands.

    COBOL also has a very large number of commands built into the language, each with its own syntax.

    These languages represent one end of the extensibility spectrum. They came with many features included, but what you got, was all you would ever have.

    Suffice it to say that no modern programming language comes with built-in commands to draw lines and circles or to bind keypress events to functions. If you need this type of functionality, you can load a library for it.

    Pascal

    Pascal is a nice step up from the horrors of GW-BASIC. It lets you define your own functions and procedures and even your own data types. But if you look closer to Pascal, you will find that built-in procedures can do many things that user-defined procedures can’t:

    • The read and write procedures can take parameters of many different types. The same is true for some other built-in procedures, like reset, rewrite, new and dispose.
    • The read and write procedures can take a variable number of parameters.
    • The write procedure has special formatting syntax with colon characters to describe how a number should be printed. like write(a:12:3);

    Pascal clearly has its I/O functions baked into the language, using many privileged procedures.

    Small versus Big Languages

    Almost any modern programming languages has its I/O functionality outside the core language. Any I/O functionality in the standard library, could also be implemented in a library you could implement in the language itself. Programs in those languages can run on embedded systems that do not have terminal or file I/O, but very different I/O functionality instead.

    C is a small language, but flexible enough to write its own I/O library in C itself. C. Functions from stdio.h, such as fopen and fread are ordinary functions that you can just write in C. Even the printf function, with its variable number and types of parameters, can be written in C, though it requires some trickery.. Better yet, heap allocation functions like malloc and free can just be written in C.

    If you write code in C and don’t call any functions outside of your program, the resulting program will include very few external functions when it is linked. If you are on a RISC system without integer division, you get an integer division function linked with your program and you may get memcpy or its equivalent when you assign struct variables to one another. Software floating point functions are another thing you might get if your CPU has no hardware floating point and your program uses floating point. You can use C to write operating system kernels, boot loaders, embedded firmware, real-time applications and more.

    Zig, C3 and Odin are similarly small languages that don’t force you to link with an excessively sized runtime library..

    On the other hand, if your language has a garbage collector, your compiled programs will depend on a large piece of external code, the garbage collator itself. It takes away the control that you need when you write an operating system kernel or a real time embedded application.

    C does not have all the extension features that exist in programming languages. It has no operator overloading, no generics, no true modules and the preprocessor macros are very crude by today’s standards. A language like C3 has more extensibility features in that respect, even though this language is still not very big.

    Operator overloading makes a language more complex, but at the same time, it allows you to add data types like matrices, vectors, complex numbers and arbitrary size integers later, complete with algebraic operators, so we do not have to choose between including them in the base language (like Odin does) or not having the convenience of algebraic expressions with these types at all.

    Ada, C++, Java, Go, Rust and D are much larger languages than for example C. Some of these have a garbage collector, Rust achieves memory safety using extensive compiler checks. Sine if these languages support exceptions, so an errors can cause the program to unwind the stack through many call levels and then return to the level at which the exception is caught.

    While perl has hash tables and array lists as built-in types, most modern languages have the extensibility features to define them in their standard libraries, without them being necessary in the core language. Even a small language can have these features at its disposal, if it has enough extensibility features to add them.

    The Upper End of the Spectrum

    In terms of extensibility, LISP is probably the best language. While some languages brag about object-oriented features, LISP has always had the ability to be extended in a way to add them.

    LISP has macros that can rewrite programs in an arbitrary way. You can add new control structures, like more advanced loops or switch statements. Very few programming languages have that ability.

    LISP is one of very few languages that has no infix expressions. That makes its parser very simple. Once parsed, the LISP program is just a bunch of nested lists, a direct representation of the parse tree.

    A honourable mention goes to FORTH, Like LISP, it sacrifices infix expressions, but unlike LISP, it does not parse an expression into a nested list, instead it directly executes each token and lets the stack do all the work. While LISP uses prefix notation with parentheses to indicate nesting, FORTH uses postfix notation without parentheses. FORTH can also build new control structures. FORTH taps into some of the unique extensibility features that LISP also has, but its implementation is considerably simpler. It could work on machines with very little memory and it would execute much faster than interpreted BASIC or LISP.. I should devote s separate post to this little language.

  • Macro Systems for Programming

    The C preprocessor may be the worst macro system for any programming language. It is complex enough to seriously obfuscate programs with it, but it is not Turing complete, so you cannot meaningfully implement loops in it. The preprocessor supports conditional compilation using #if and #ifdef, but these conditionals cannot appear in the expansion of a macro. As the preprocessor is a separate pass from the C compiler itself. preprocessor conditionals cannot contain values that are only known to the compiler (and not to the preprocessor), such as the size of a data item, enum values or the value of an object declared ‘const’. So for instance you cannot do something like this:

    #if sizeof(struct1) != sizeof(struct2)
#error "struct1 must be the same size as struct2"
#endif

    Some tricks exist to do a similar check at compile time, like:

    int unused_array[-(sizeof(struct1) != sizeof(struct2)];

    This declares an unused array of size 0 (permitted) i n case the sizes are equal, but of size -1 (compile time error) if the sizes are not equal.

    Header files are not real “module interface” files, but hey are textually included by the preprocessor. We need the “include guard” pattern to prevent them from being include more than once, like this:

    #ifndef MYHEADER_H_
#define MYHEADER_H_
...

#endif

    If you define a macro expression that looks like a function call, you need to put parentheses around any parameters and around the expression itself. If the macro expands to a sequence of statements, you have to wrap in in a do .. while(0) construct. This is annoying and once in a thousand times you make a mistakes and another nasty bug is born.

    If macros can’t do what you want, you could use a more powerful macro processor, such as m4, or you could use a dedicated program to generate the C files for you. Think for example of the ‘yacc’ program to generate parsers. Apparently there is no standard way to convert a binary file into a C header file containing an initialised constant array with all the bytes of that file. If have written scripts to do that just too often. If these arrays are large, the memory consumption of the C compiler is usually terrible.

    Generics

    In C++ you have templates. These are useful for generating data structures that may contain different data types as their payload. So you can instantiate a hash table that contains integers or one that contains “struct foo” items. In fact the std::map template is generic over two types: one for the keys and one for the stored values. You can declare a map like this:

    std::map<std::string, u32> mytable;

    The parameters are in angle brackets and they are all handled at compile time. Templates perform some tasks that macros could do, but they are part of the compiler itself, not of some separate preprocessor. In C++, it is pretty easy to make use of pre-defined templates, but it is usually very hard to create your own templates.

    Other languages, like Ada, also have generics. The Ada programming language has no macro preprocessor, but it does have powerful generics.

    Other Languages

    Many programming languages do not have any macro system or preprocessor at all, not even generics. Languages like Pascal, FORTRAN and BASIC fall into this category.

    Python has no micros or generics either, but as it is dynamically typed, you do not need generics to implement generic container classes. You can use operators like ‘+’ and ‘<‘ in a function and they will automatically just work for any data types that support these operators, making the function a generic one.

    Systems like LISP support macros that allow you to build arbitrary LISP programs under program control. This way you can for example add totally new control structures to the language.

    Some programming systems have a clear distinction between “compile time” and “execution time”. When the C compiler runs, it translates the C program to assembly language, but it cannot itself run C code. The compiler can run on a system different from where the compiled code is to run. You can run a C compiler on an x86 PC and let it generate code that will run on a Raspberry Pi Pico (ARM Thumb 2 core). With interpreted languages, like Python, you can run Python code at load time. When you import a Python module, it will usually add new functions and/or classes to your program, but it could also run code immediately when it loads. It could build a complex data structure when it loads. The Python interpreter can always run Python code.

    FORTH has an interesting combination of features. When it compiles new functions (colon definitions), it converts FORTH source code into threaded code, which can later be interpreted. When not compiling new functions, it just runs your FORTH code. In FORTH, you can extend the compiler, so you can define new control structures. This gives you the same flexibility as LISP macros. Extending the compiler is done by marking some FORTH functions IMMEDIATE, so they will execute, even while a new function is being compiled. By default, the compiler would just add the function’s address to the threaded code.

    Rust has macros. For example println! is a macro. Using those macros is fairly easy, but defining new ones is a hard job, requiring you to learn much about compiler internals.

    Assemblers have had macros for a long time. A macro could expand to a sequence of instructions and depending on the exact assembler you were using, you could give the macro parameters (for example specifying a register to be used on some of the instructions), the macro expansion could contain conditional assembly or even loops and the macro expansion could contain local labels, so the labels inside different instances of the macro would not conflict with one another.

    Zig

    Zig is the latest development in macro technology.,First of all, Zig is a true compiler. It converts your source code to compiled machine code, to be executed later, possibly on a completely different machine. Therefore it has clearly distinct compile time and run time phases. But even at compile time, the compiler can run Zig code in your source files. Zig replaces any dedicated macro language that programming languages may have. The build script is Zig code, generics are implemented using Zig code. This can work because data types are values that can be parameters and returned results of compile time Zig functions. Zig code can generate arbitrarily complex data tables at compile time.

    One example of compile time behaviour in Zig: the format strings for formatted printing are parsed at compile time and calls to specific output functions are generated, depending on the desired format and the types of the parameters passed to that function.

  • Overflow checking

    In the beginning we had 16-bit integers. £327.67 was still a lot of money and the total amount in a single sale of your shop was unlikely to be more than that. Until it was and you got a negative amount on your sales slip. When the amount was represented in decimal, you still found yourself in for surprises when amounts started to exceed £999.99 or whatever you thought the maximum would be.

    How computer systems handle integer overflow, depends very much on the programming language used. Integer BASIC versions usually aborted the program with an overflow error. That sucked, but at least you knew there was something wrong. Many compiled languages on the other hand, silently ignored the error and just wrapped the number around. Compiled C typically ignores the error. Most CPUs do have an overflow flag, so the machine has the possibility to check for overflow and throw an error in this case. But the designers of RISC-V, in all their wisdom, decided to leave out the overflow status flag because C was the only language worth dealing with and nobody ever checked for integer overflow. Of course you can still do it on RISC-V, but it takes multiple instructions.

    In some cases, the wrap-around behaviour of integer overflow is actually desired, especially in hash functions or when emulating the behaviour of real hardware. This mostly applies to unsigned integers. The C standard specifies wrap-around behaviour for unsigned integers and (until recently) specified signed integer overflow as undefined behaviour.

    Possible Handling

    There are many ways to deal with integer overflow:

    • Ignore it and wrap around, which is the default behaviour in C.
    • Set an integer status bit, which could be checked after every addition and subtraction. Most CPUs, such as x86 and ARM have this.
    • Trap the overflow in hardware. Some CPUs, like MIPS, can do this.
    • Have a ‘sticky’ overflow status bit. It could be cleared before a computation and could be checked at the end of a computation. If any operation caused overflow, the bit would be set. This is what the exception flags in floating point hardware actually do.
    • Use the maximum negative value 0x8000, 0x80000000 or 0x8000000000000000 as a special overflow value. If any of the inputs of an addition or subtraction have this value, or if an overflow occurs, the result is this value. It would be similar to the NaN value for floating point operations.
    • Redo the operation with floating point (some versions of BASIC) or arbitrary size integers (Python).
    • Throw an exception on integer overflow.
    • Panic (abort the program) on integer overflow
    • Saturate, i.e. let the result be either the maximum positive value (0x7ffffffff) or the maximum negative value (0x80000000). Some DSPs or SIMD instructions in some general purpose CPUs can do this.

    Consequences

    If you ignore integer overflow and just wrap around, integer addition retains its associative properties (a+b)+c is equal to a+(b+c). As soon as you start to saturate or trap the overflow condition, the associative property no longer holds. (MAXINT+1)-1 is not equal to MAXINT+(1-1). In the former case the result will be MAXINT-1 (in the case of saturation) or an error condition. In the latter case the result will be MAXINT. Therefore, in some cases, you are saved by not detecting overflow, but this is not something you should be relying on.

    One early observation was that (A-B) < 0 is not a reliable way to check A < B. A-B could overflow and you would get the wrong result. For 16-bit signed integers, 30000 – -10000 overflows and gives a negative number, wile of course 30000 > -10000. Most CPUs have dedicated compare and conditional branch instructions that give you the correct result in all cases. The 8080 did not have an overflow flag at all and the 6502 and Z80 had an overflow flag, but no dedicated Branch-if-less-than instruction. You had to do multiple conditional branches to properly test for less-than of signed quantities. The 6809 on the other hand did have a BLT (Branch if less than) instruction, as did the 8086, 68000, ARM and anything more modern.

    Computing the average of two integers can fail due to overflow, if done in a straightforward way. There are tricks to make it work under all circumstances. For unsigned integers we have the expression (a&b) + ((a^b)>>1)

    Even if the computation itself does not overflow (as it is done in 32-bit on most modern machines), storing the result in a shorter variable (8 or 16 bits) could still overflow. Compilers may or may not add checks for this. For C they typically don’t,

    In some cases you have to be very careful to cast the operands to a wider type before doing the operations. For example:

    uint32_t a=1000000;
uint32_t b=2000000;
uint64_t c = (uint64_t)a * (uint64_t)b;

    If we forget to cast, we do a 32×32 bit multiplication that overflows.

    The Zig programming language is very picky about overflow checking. It even checks unsigned operations. If you do want wrap-around behaviour (for example for hash functions), you have to explicitly use operations that wrap around, like ‘+%’ and ‘-%’.

    If a multiplication is part of the size computation for an allocation, we could allocate a way too small buffer if the multiplication overflows, which in turn could lead to memory corruption. It is therefore important to detect the overflow in this case. (but in the case of C, this is often not possible).

    Avoiding Overflow

    Integer overflow can often be avoided by choosing the data types for your computation sufficiently wide and to range-check your inputs.

    For example, in a webshop (for consumers), it makes no sense to accept orders of more than 100 of the same item. If you allow the user to type any integer, even 1 billion, and do not check this is within reasonable limits, you could cause an overflow when multiplying it by the item price. If both the item price and the number of items are within a set range, you can prove that the multiplication cannot overflow.

    With simple formulas, it is often feasible to assure that no overflow occurs whatever the input values, when the inputs are all within the acceptable range. If you also range-check intermediate values (like the running total of your order), you can prevent overflow from happening and possibly error out with a sensible message, such as “Orders above £10000 are not accepted”.

    Dealing with Overflow

    If you cannot avoid overflow (or stumble across it despite best efforts), you have to deal with it. It depends entirely on the situation what you should do. If your job is controlling an aircraft, it’s never acceptable to just abort and let the plane drop from the sky. It your job is computing this year’s tax statement, it might be good to abort, so somebody could recompile the program with larger integer types and redo the calculations. If your program contains lots of unsaved user data, you should at least try to save that data before aborting. A spreadsheet may convert the integer values to floating point values and redo the calculation that way.

    Maybe the database format needs to be changed and all existing databases converted, because some fixed width fields are now too small to hold values that can occur after all. You should see these things coming in advance so you can plan the conversion ahead. For example the Unix timestamp overflow in 2038.

    As with any error handling, there is never one good way that works in all cases.

  • Operator overloading

    Last time I talked about garbage collection, a feature that some programming languages have and other don’t. Garbage collection adds runtime overhead, but makes memory management safer. There is also a third way, used by Rust, in which the compiler makes checks at compile time and guarantees memory safety that way, but at the cost of very complex restrictions, hard to grasp by new programmers.

    This time I will take about operator overloading. Some people like the feature, but others insist on it being left out of their favourite programming language because it adds unnecessary complexity to the language.

    Infix operators

    In the mid 1950s, FORTRAN introduced infix operators, complete with precedence rules ( in A+B*C the multiplication between B and C is performed first, before adding the result to A) and parentheses (In A*(B+C), the addition between B and C is performed first, before multiplying the result by A). This infix notation closely follows algebraic formulas used in mathematics for centuries.

    Nearly all programming languages adopted infix expressions. Notable exceptions are FORTH (that uses Reverse Polish Notation, like B C + A *) or LISP (that puts the operator first and uses lots of parentheses, like (* A (+ B C))).

    Infix expressions were a step up from assembly, where we used to write things like:

    ADD T, B, C
MUL T, T, A

    Operands in infix expressions can be variables, constants, array elements and function calls. Infix expressions are typically used on the right hand side of an assignment. An assignment statement in FORTRAN may look like:

    A = A + COS(PHI) + 2*SIN(B(I))

    Where B is an array (indexed by I), A and PHI are variables and COS and SIN are functions.

    Operator Overloading

    Languages like FORTRAN, BASIC, Pascal and C can use operators on a fixed number of data types, always including integers and real numbers. In Pascal we can use + and * operators for sets, in Basic we can use + to concatenate strings and in C we can use + to add to pointers. Nearly all languages have relational operations like < and > and also Boolean operators like AND and OR. But the types and semantics, as well as the data types that can be used, are hardcoded into the programming language. For example, it is not possible to define a COMPLEX number type and define new infix operators for them, equivalent to what the algebraic operators are for complex numbers in mathematics (some of these languages have COMPLEX data types, but these are then also hardcoded into the language).

    Algol-68 was one of the first programming languages to have operator overloading. It could redefine existing operators for new types, it allowed you to add completely new infix operators and you could specify the priorities of any of these operators. This might have been too much flexibility and room for abuse.

    Most large programming languages, like Python, C++, Ada and Rust do allow you to overload infix operators, but none of them allows to to add completely new infix operators or to redefine operator priorities.

    Benefits

    In mathematics, algebraic expressions are not just used with numbers, but for example also with vectors and matrices. Especially for those with knowledge of the problem domain, infix expressions are very readable. A single infix expression with vectors and matrices, can replace a rat’s nest of hard to read function calls. An expression with vectors and matrices is certainly more readable than a loop over the separate array values or two nested loops for matrix multiplication.

    Types that are suitable for operator overloading:

    • Vectors and matrices, with scalar multiplication, inner product, matrix multiplication and matrix-vector multiplication.
    • New numeric types, like arbitrary size integers or complex numbers.
    • Sets
    • Lists and strings for concatenation (using + operator) and sometimes the * operator for replicating n times.
    • Arbitrary algebraic types as mathematicians define them, as long as they can be represented in a computer and operations can be implemented.

    Drawbacks

    To an unsuspecting reader, an expression with infix operators may look like it’s just adding and multiplying integers (or maybe floating point numbers), while in reality it is doing arbitrarily complex operations on arbitrarily complex data structures.

    Sometimes, operators are overloaded to do operations that are totally unrelated to their original meaning, for example the << operation in C++, that was originally “left shift”, but it is used to output something on an output stream.

    In some languages, such as C++, you can also overload operations like assignment or array subscripting. This is all fine, as long as you do this to implement sane assignment or subscripting semantics for them, but it gets pretty ugly if you implement totally unrelated functionality for these operators.

    In some languages, such as C++, you can also overload operations like assignment or array subscripting. This is all fine, as long as you do this to implement sane assignment or subscripting semantics for them, but it gets pretty ugly if you implement totally unrelated functionality for these operators.

    Even in cases where it does make sense to overload, there are some drawbacks:

    • It is not always clear what an overloaded operator will do. For example: is the ‘*’ operator between matrices doing matrix multiplication or component-wise multiplication instead?
    • Overloaded operators and the function calls that the compiler invokes for these operations, may in many cases not be the optimal way to perform a task. Dedicated function calls for a specific task may run more efficiently.

    What Some Languages Do

    Three “small” languages that aim to replace C, chose different solutions:

    • Zig does not have operator overloading. It has some infix operations on vectors though.
    • Odin does not have operator overloading, but it has many operations on vectors, matrices, complex numbers and even quaternions. AFAIK, this is the only language that has quaternions as a built-in type.
    • C3 does allow operator overloading. The documentation contains a plea to use it only in useful ways, but that might not help too much.

  • To garbage collect or not to garbage collect

    Many computer programs require more memory as the size of the data increases. For example, a spreadsheet uses more RAM if the sheet contains more columns and rows. If you delete a row or column of the spreadsheet, the RAM used by it should be freed, so it can be reused later if new rows or columns get added to it. If you delete parts of a spreadsheet and the RAM does not get freed, the program will keep using more and more RAM as you delete cells and later add new cells, even if the total size of the spreadsheet does not increase. This is called a memory leak. The longer you use the program, the more RAM it will use, until it requires more RAM than is available and the program crashes.

    Many programs require the capability to dynamically allocate memory. Support in programming language varies. Most versions of BASIC do not allow you to allocate entirely new objects and arrays cannot be resized. However, strings can be of variable length, so you use way more memory if you have long strings in a string array, compared to the situation where all strings are null strings. In Python on the other hand, you can dynamically resize lists and even store new lists inside lists.

    Allocation

    Memory is allocated on what we mostly call the “heap”. A memory address range is reserved for the heap. When a program needs more RAM, it calls an operating system function to allocate a large chunk of memory in that address range. When that memory fills up and still more memory is needed, another system call is made to add more memory to the heap. Within that address range, the runtime library manages the blocks that are free and that are allocated. Free blocks are on a free list. When an allocation function is called, a free block is taken from the free list. When the free block was (much) larger than the amount of memory requested, the block is split. The used part is allocated and the unused part is put back on the free list. When an allocated block is freed, it is put on the free list again. If the freed block is next to another free block, these two blocks are usually merged into a single larger free block.

    Even if we do everything right and free each block as soon as it is no longer in use, the heap may get fragmented. The total amount of free space may be large enough, but the free space may consist of many small blocks with allocated blocks in between.

    Also an allocation may take much longer if a long free list must be traversed before a suitable block is found.

    Some languages, like Zig allow you to specify which allocator you want to use in which situation, so you can have an allocator that is more suitable for a specific application.

    Garbage Collection.

    If you delete an object (for example a list) in Python, the Python interpreter itself takes care to free that memory. Take the following code fragment:

    a = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]
b = a
a = None
b = None

    The first line allocates memory for a list of 10 numbers. The variable a stores a reference to that list. The second line causes variable b to store a reference to the same list. The list is not copied: it’s the same list in the same memory. The third line causes the variable a to no longer refer to the list. But the list is still accessible through variable b, so it cannot be freed. The fourth line causes variable b to no longer refer to that list. Now it becomes unreferenced and it can be freed.

    Earlier versions of Python used a reference count in each object. Line 1 would give the list reference count 1 (only one reference from variable a). Line 2 would increase the reference count to 2, line 3 would decrement it to 1 and line 4 would decrement it to 0, in which case it was time to free the memory. This is comparatively simple, but it would not work in case cyclic references exists. Lists can store references to other list (or even to the same list). Take for example the following Python fragment:

    a = [1, 2, 3, 4, 5]
b = [10, a]
a[4] = b
a = None
b = None

    The first three lines create a pair of lists that contain references to each other. List b has two elements: the number 10 and (a reference to) list a. List a has five elements: the numbers 1 through 4 and a reference to list b. Even when the variables are reassigned, the references inside the two lists remain valid and the reference counts will not decrease to 0. Both lists will be inaccessible though, as there are no other references from outside. Therefore, modern versions have a true garbage collector (in addition to the reference counting), to free up memory in situations like this.

    A garbage collector performs the following job:

    • It starts from all variables that contain references to objects. Those objects are marked.
    • For all marked objects, check which other objects are referenced from them. If they are not already marked, mark them and repeat the operation for the newly marked objects.
    • Free all allocated objects that are not marked.
    • Remove the marking from the marked objects.

    The job of a garbage collector is very complex. It uses much CPU power and while it is marking all dynamic objects that are still reachable, all operations of the program must be paused. This is unacceptable for hard real-time systems. If the program is supposed to react within 5 ms, we cannot accept that the program is frozen for 500 ms during garbage collection. In general you have no control when the garbage collector will kick in and when a large chunk of memory will actually be freed.

    Languages like Python, Lisp, Java and Go have a garbage collector. Of all these, Go is a truly compiled language and its garbage collector is state of the art and aims to reduce the duration of any pauses in the program.

    Manual Free

    C is on the other extreme. See the following code snippet:

    int *a = malloc(10 * sizeof(int));
int *b = a;
if (a == NULL) return -1;
...
free(a);

    In the first line, we call the malloc function to allocate a chunk of memory for an array of 10 integers. We have to calculate the size manually: multiply 10 (the number of integers we want) by the size of one integer. Of course we have to check that the returned pointer is non-null.

    The variable b points to the exact same array.

    At the end of the program, we free the memory again. If we forget to free, we create a memory leak, if we free too soon, some pointers may still point to it, while the data in that memory range is no longer valid; the runtime system may have reused it for completely different purposes. If we call free(a), we may set a to the NULL pointer to prevent it from being used to access the array, but we may have forgotten about pointer b, which still points to the same memory.

    Manual free leaves room for a lot of bugs that would be prevented by using garbage collection.

    C,Pascal and Zig use manual free. C++ has this too, but it also has managed data types that take care of allocation and freeing internally.

    Rust

    And then of course we have Rust. Rust has no garbage collector, but it severely restricts how pointers (references) may be passed around. A dynamically allocated object always has one “owner”, which will be responsible for freeing it. References to objects can be “borrowed” by other functions, in which case they are temporarily unavailable to the owner. This is all checked by the compiler. The compiler knows when an object can be freed and it takes care to call free when appropriate, so you don’t have to do this explicitly.

    Due to the restrictions that Rust puts on copying of pointers, it is not really possible to have data structures with cyclic references either.

    The advantages of Rust:

    • You don’t have a garbage collector with the runtime overhead and nondeterministic timing.
    • You get memory safety with respect to freed dynamic memory. No use after free or double free and no memory leaks.
    • Rust also makes sure that in a multithreaded environment, only one thread gets access to any given object at the same time (multiple readers are okay, but a writer needs truly exclusive access)..

    Disadvantages of Rust:

    • Some data structures, consisting of nodes linked by pointers, are impossible to create.
    • Semantics of ownership and of the borrow checker are extremely complex. Getting a program compiled at all, can be a frustrating experience for beginners.